The Fallacy of a One Stop Shop for Container Security w/ Tigera, Scytale & Styra
Details
Container Security is all of us!
Tonight Tigera, Scytale & Styra will kick off this OPA focused meetup with a fireside chat on the fallacy of a one stop shop for Container Security & what does a lifecycle really look like when planning security for your container environment.
The Open Policy Agent (OPA) is an open source, general-purpose policy engine that enables unified, context-aware policy enforcement across the entire stack.
We will have (4) awesome speakers at this event:
- Christoper Liljenstolpe, CTO / Co-Founder of Tigera
- Ash Narkar, Core contributor to the Open Policy Agent project
- Torin Sandall, OPA co-founder and tech lead
- Andrew Jessup, Scytale Co-Founder
Agenda:
Fireside Chat 6:00 PM - 6:30 PM
Tigera/Calico Talk 6:30 PM - 6:45 PM
Scytale/SPIFFE Talk 6:45 PM - 7:15 PM
Styra/ Open Policy Agent Talk 7:15PM 7:45 PM
Happy hour & Networking 7:45 PM - 8:30 PM
What are our speakers talking about?
Ash Narkar, Core contributor to the Open Policy Agent
Policy Enforcement with Kubernetes Admission Control
In this talk, we will introduce the Cloud Native Computing Foundation’s Open Policy Agent project. OPA is an open source, general-purpose policy engine which can be used to enforce fine-grained access control in any system and at any layer of the stack. The talk will explain how OPA works and how it integrates with various projects like Kubernetes, Ceph, and Istio. Finally, the talk will include a demo about enforcing admission control policies in Kubernetes.
Christopher Liljenstolpe, Co-founder and CTO, Solutions at Tigera
An Intro to Kubernetes Network Policy, Enforcing your intent in a cloud-native world. We will do a brief introduction to Kubernetes network policy, including the whys, hows, and building blocks necessary.
Andrew Jessup, Scytale Co-Founder
Projects like OPA are powerful tools for providing distributed authorization to services running in Kubernetes and elsewhere, but authorization is only as secure as the authentication between those services. Enter SPIFFE and which builds on designs first championed at Google to provide robust authentication in heterogenous environments. This talk will cover the foundational underpinnings of SPIFFE and SPIRE, and how they can be used in conjunction with systems like OPA to solve for critical infrastructure challenges when building distributed systems.
Speaker Bios:
Ash Narkar is a core contributor to the open source Open Policy Agent project. Ash has over 5 years of experience working on large-scale distributed systems. Ash is a Senior Software Engineer at Styra, Inc working on OPA development and integrations. Previously he was a Principal Engineer at Verizon Labs where he worked on their IoT platform.
Torin Sandall is the co-founder and technical lead of the Open Policy Agent project. Torin has spent over 10 years working as a software engineer on large-scale distributed systems projects. Previously, Torin was a senior engineer at Cyan, Inc. where he designed and developed core components of their NFV platform.
Christopher is the original architect of Project Calico and has helped define the future of networking for containers and services. Using his extensive practical experience designing and operating global-scale networks and enterprise cloud architectures, Christopher works closely with Tigera’s customers and the open community to drive the delivery of secure, simple and scalable application connectivity for the cloud native era.
Andrew Jessup is an engineer, and entrepreneur with a passion for building tools that help bring simplicity to software development. Prior to co-founding Scytale, Andrew was a product manager on Google’s Cloud Platform, launching many of the automation primitives on Google Compute Engine, helping improve developer workflow with the Spinnaker and Container Builder projects, and helping improve accessibility to developers and operations teams.
We look forward to hosting you onsite!